1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "data_translator.h"
17
18 #include <memory>
19
20 #include "accesstoken_dfx_define.h"
21 #include "accesstoken_log.h"
22 #include "access_token_error.h"
23 #include "data_validator.h"
24 #include "permission_validator.h"
25 #include "token_field_const.h"
26
27 namespace OHOS {
28 namespace Security {
29 namespace AccessToken {
30 namespace {
31 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "DataTranslator"};
32 }
33
/**
 * Flattens a PermissionDef into a GenericValues record.
 *
 * Each field of inPermissionDef is stored under its TokenFiledConst key. The two boolean
 * switches (provisionEnable, distributedSceneEnable) are stored as the integers 1 and 0,
 * which is the encoding TranslationIntoPermissionDef compares against when reading back.
 *
 * @param inPermissionDef  permission definition to serialize
 * @param outGenericValues record that receives the fields
 * @return RET_SUCCESS; this overload has no failure path and performs no validation
 */
int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues)
{
    const PermissionDef& def = inPermissionDef;
    GenericValues& record = outGenericValues;

    // Booleans are written as 1/0 so the reader can test them with "== 1".
    const int provisionFlag = def.provisionEnable ? 1 : 0;
    const int distributedFlag = def.distributedSceneEnable ? 1 : 0;

    record.Put(TokenFiledConst::FIELD_PERMISSION_NAME, def.permissionName);
    record.Put(TokenFiledConst::FIELD_BUNDLE_NAME, def.bundleName);
    record.Put(TokenFiledConst::FIELD_GRANT_MODE, def.grantMode);
    record.Put(TokenFiledConst::FIELD_AVAILABLE_LEVEL, def.availableLevel);
    record.Put(TokenFiledConst::FIELD_PROVISION_ENABLE, provisionFlag);
    record.Put(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE, distributedFlag);
    record.Put(TokenFiledConst::FIELD_LABEL, def.label);
    record.Put(TokenFiledConst::FIELD_LABEL_ID, def.labelId);
    record.Put(TokenFiledConst::FIELD_DESCRIPTION, def.description);
    record.Put(TokenFiledConst::FIELD_DESCRIPTION_ID, def.descriptionId);
    record.Put(TokenFiledConst::FIELD_AVAILABLE_TYPE, def.availableType);
    return RET_SUCCESS;
}
50
/**
 * Rebuilds a PermissionDef from a GenericValues record.
 *
 * Only the available level (APL) is range-checked before it is converted to its enum type.
 * Fields are written to outPermissionDef in record order, so when the APL check fails the
 * name, bundle name and grant mode have already been overwritten; callers should discard
 * outPermissionDef unless RET_SUCCESS is returned.
 *
 * @param inGenericValues  record to read
 * @param outPermissionDef permission definition that receives the fields
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when the stored APL number is rejected by
 *         DataValidator::IsAplNumValid
 */
int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef)
{
    const GenericValues& record = inGenericValues;

    outPermissionDef.permissionName = record.GetString(TokenFiledConst::FIELD_PERMISSION_NAME);
    outPermissionDef.bundleName = record.GetString(TokenFiledConst::FIELD_BUNDLE_NAME);
    outPermissionDef.grantMode = record.GetInt(TokenFiledConst::FIELD_GRANT_MODE);

    // The APL decides which callers may hold the permission, so an out-of-range stored value
    // is rejected instead of being cast into the enum.
    int rawApl = record.GetInt(TokenFiledConst::FIELD_AVAILABLE_LEVEL);
    if (!DataValidator::IsAplNumValid(rawApl)) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "Apl is wrong.");
        return ERR_PARAM_INVALID;
    }
    outPermissionDef.availableLevel = static_cast<ATokenAplEnum>(rawApl);

    // Only the exact value 1 reads back as true; any other stored integer is treated as false.
    const int provisionRaw = record.GetInt(TokenFiledConst::FIELD_PROVISION_ENABLE);
    const int distributedRaw = record.GetInt(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE);
    outPermissionDef.provisionEnable = (provisionRaw == 1);
    outPermissionDef.distributedSceneEnable = (distributedRaw == 1);

    outPermissionDef.label = record.GetString(TokenFiledConst::FIELD_LABEL);
    outPermissionDef.labelId = record.GetInt(TokenFiledConst::FIELD_LABEL_ID);
    outPermissionDef.description = record.GetString(TokenFiledConst::FIELD_DESCRIPTION);
    outPermissionDef.descriptionId = record.GetInt(TokenFiledConst::FIELD_DESCRIPTION_ID);

    // NOTE(review): unlike the APL, the stored available type (and grantMode above) is converted
    // without a range check; confirm whether a validator should gate this cast as well.
    outPermissionDef.availableType =
        static_cast<ATokenAvailableTypeEnum>(record.GetInt(TokenFiledConst::FIELD_AVAILABLE_TYPE));
    return RET_SUCCESS;
}
73
/**
 * Flattens one grant entry of a PermissionStateFull into a GenericValues record.
 *
 * resDeviceID, grantStatus and grantFlags are parallel vectors; grantIndex selects the same
 * position in all three, so it is checked against every vector's size before any element is
 * read.
 *
 * @param inPermissionState permission state to serialize
 * @param grantIndex        position of the grant entry to write
 * @param outGenericValues  record that receives the fields
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when grantIndex is out of range for any of the
 *         three vectors (nothing is written in that case)
 */
int DataTranslator::TranslationIntoGenericValues(const PermissionStateFull& inPermissionState,
    const unsigned int grantIndex, GenericValues& outGenericValues)
{
    // The vectors are not guaranteed to have equal lengths here, so each one is bounds-checked.
    const bool indexInRange = (grantIndex < inPermissionState.resDeviceID.size()) &&
        (grantIndex < inPermissionState.grantStatus.size()) &&
        (grantIndex < inPermissionState.grantFlags.size());
    if (!indexInRange) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "Perm status grant size is wrong");
        return ERR_PARAM_INVALID;
    }

    const int generalFlag = inPermissionState.isGeneral ? 1 : 0;

    outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionState.permissionName);
    outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, inPermissionState.resDeviceID[grantIndex]);
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, generalFlag);
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus[grantIndex]);
    // The flag word is stored as a signed 32-bit integer.
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG,
        static_cast<int32_t>(inPermissionState.grantFlags[grantIndex]));
    return RET_SUCCESS;
}
90
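/**
 * Rebuilds one grant entry of a PermissionStateFull from a GenericValues record.
 *
 * The permission name, device id, grant flag and grant status are each validated; a rejected
 * field is logged, reported as a PERMISSION_CHECK fault event and fails the call. The fault
 * code LOAD_DATABASE_ERROR suggests the record comes from persisted storage, so every field
 * is treated as untrusted.
 *
 * resDeviceID, grantFlags and grantStatus are parallel vectors. They are appended to only
 * after all validation has passed, so a rejected record can never leave them with different
 * lengths (which would pair a device id with another record's grant status on a reused
 * object). On failure the three vectors are unchanged; isGeneral and permissionName may
 * already have been overwritten.
 *
 * @param inGenericValues    record to read
 * @param outPermissionState permission state that receives the entry
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when any field fails validation
 */
int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGenericValues,
    PermissionStateFull& outPermissionState)
{
    outPermissionState.isGeneral = (inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_IS_GENERAL) == 1);
    outPermissionState.permissionName = inGenericValues.GetString(TokenFiledConst::FIELD_PERMISSION_NAME);
    if (!DataValidator::IsPermissionNameValid(outPermissionState.permissionName)) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "Permission name is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission name error");
        return ERR_PARAM_INVALID;
    }

    std::string devID = inGenericValues.GetString(TokenFiledConst::FIELD_DEVICE_ID);
    if (!DataValidator::IsDeviceIdValid(devID)) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "DevID is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission deviceId error");
        return ERR_PARAM_INVALID;
    }

    // The raw stored integer is validated directly. Routing it through the enum type first adds
    // nothing and, depending on how PermissionFlag is declared, may not preserve an
    // out-of-range value for the validator to see.
    int grantFlag = inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_FLAG);
    if (!PermissionValidator::IsPermissionFlagValid(grantFlag)) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "GrantFlag is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission grant flag error");
        return ERR_PARAM_INVALID;
    }

    int grantStatus = inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_STATE);
    if (!PermissionValidator::IsGrantStatusValid(grantStatus)) {
        ACCESSTOKEN_LOG_ERROR(LABEL, "GrantStatus is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission grant status error");
        return ERR_PARAM_INVALID;
    }

    // A record carrying the PERMISSION_ALLOW_THIS_TIME bit is loaded as denied whatever status
    // was stored; presumably so a one-time grant does not survive a reload (confirm with the
    // permission manager).
    if (grantFlag & PERMISSION_ALLOW_THIS_TIME) {
        grantStatus = PERMISSION_DENIED;
    }

    // All fields accepted: append to the three parallel vectors together.
    outPermissionState.resDeviceID.push_back(devID);
    outPermissionState.grantFlags.push_back(grantFlag);
    outPermissionState.grantStatus.push_back(grantStatus);

    return RET_SUCCESS;
}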
141 } // namespace AccessToken
142 } // namespace Security
143 } // namespace OHOS
144